module.exports = () => {
  return async (req, res, next) => {
    const jwt = require('jsonwebtoken')
    const AdminUser = require('../models/AdminUser')
    const assert = require('http-assert')
    const token = String(req.headers.authorization || '').split(' ')[1]
    assert(token, 422, '用户不存在,请登录')
    const { id } = jwt.verify(token, req.app.get('psw'))
    assert(id, 422, '用户不存在,请登录')
    req.user = await AdminUser.findById(id)
    assert(req.user, 422, '用户不存在,请登录')
    next()
  }
}